Hi,
I have a website which uses the sendmail function to send customers enquiries on my website.
Each morning I wake to find 'enquiries' which contain absolute gibberish.
For example:
but utri atic machine the d that we the room, and words he thought you of b=
ecause winked away into our equipment marble sanded unconcealed contempt. h=
e last
Is there some kind of vulnerability with the sendmail function?
Is this something I should be concerned about or is it simply an inconvenience?
Why would someone do this?
Any feedback would be appreciated.
Thanks,
Rob.
Sendmail vulnerability?
spacebiscuit
Hi, I am invoking the mail function as follows:
Code:
mail($to, $subject, $body);
Any ideas?
Thanks,
Rob.
spacebiscuit
Ok I have done some investigating and I think I have the answer.
Basically spammers use contact pages to send spam. It works by changing the variable data contained in the URL of a submitted page. Although the 'to' email variable may be hardcoded, the spammers exploit a security hole by appending a 'bcc' variable, and therefore each time the form is submitted it also sends to a list of emails in this field.
A full explanation can be found here, with some measures which can be taken to protect against this security hole. Although not 100% foolproof, it has at least stopped the activity in my case:
http://www.phpbuilder.com/columns/ian_g ... hp3?page=2
Thanks,
Rob.
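The hole Rob describes, as an added example in PHP that is not code from the thread or from the linked articles. It assumes the common contact-form pattern in which the visitor's address is copied into a From/Reply-To header and passed as mail()'s fourth argument; Rob's posted one-liner shows no headers argument, so that part is assumed. The function names, the hardcoded recipient and the spammer's submission are constructed for the example. Nothing is sent: the functions return the header string that would reach mail(), so it can be inspected.

```php
<?php
// Added example (not from the thread): how a contact form turns into an open
// relay through mail() header injection, and the same form hardened.
//
// Assumption: the site copies the visitor's address into From/Reply-To
// headers (the pattern the thread's phpbuilder link describes). Rob's posted
// call mail($to, $subject, $body) does not show that part.

const OWNER_TO = 'enquiries@example.com'; // hardcoded recipient, as in Rob's form

/** Vulnerable: the raw form value goes straight into the additional_headers block. */
function build_headers_vulnerable(string $visitor_email): string
{
    return "From: $visitor_email\r\n"
         . "Reply-To: $visitor_email\r\n"
         . 'X-Mailer: PHP/' . PHP_VERSION;
}

/** Lists the header field names found in a header block, in order. */
function header_names(string $headers): array
{
    $names = [];
    foreach (preg_split('/\r?\n/', $headers) as $line) {
        if (preg_match('/^([A-Za-z][A-Za-z0-9-]*):/', $line, $m)) {
            $names[] = $m[1];
        }
    }
    return $names;
}

/**
 * True if $value can sit inside a single header line. A CR or LF lets the
 * sender start a new line, and that new line can be "Bcc: <list>"; the other
 * control characters are rejected for the same reason.
 */
function is_header_safe(string $value): bool
{
    return preg_match('/[\x00-\x1F\x7F]/', $value) === 0;
}

/** Hardened: returns null (meaning: do not call mail()) unless the input is one clean address. */
function build_headers_safe(string $visitor_email): ?string
{
    if (!is_header_safe($visitor_email)) {
        return null;
    }
    // Exactly one syntactically valid address; "a@x, b@y" and display names fail.
    if (filter_var($visitor_email, FILTER_VALIDATE_EMAIL) === false) {
        return null;
    }
    return "From: $visitor_email\r\n"
         . "Reply-To: $visitor_email\r\n"
         . 'X-Mailer: PHP/' . PHP_VERSION;
}

// Constructed spammer submission: a plausible address followed by CRLF and a
// Bcc line. Note that the hardcoded $to is never touched; the extra
// recipients ride in on the headers built from the form field.
$spam = "bob@example.org\r\nBcc: victim1@example.net, victim2@example.net";

// With the vulnerable builder the injected Bcc shows up as a header of its
// own (once per place the field was interpolated).
print_r(header_names(build_headers_vulnerable($spam)));

// With the hardened builder the submission is dropped before mail() is reached,
// while an ordinary address still produces a normal header block.
var_dump(build_headers_safe($spam));
print_r(header_names((string) build_headers_safe('bob@example.org')));

// How the form handler would use it. Subject values end up in a header too,
// so they get the same line check; the message body is not a header and may
// legitimately contain newlines.
$subject = 'Website enquiry';
$headers = build_headers_safe($_POST['email'] ?? '');
if ($headers !== null && is_header_safe($subject)) {
    // mail(OWNER_TO, $subject, $_POST['message'] ?? '', $headers);
}
```

Two things worth noting. First, the check has to cover every value that lands in a header line (email, name, subject), not only the one field the spammer happened to use; a form that validates the address but still concatenates a free-text name into the From header is just as open. Second, the "=" at the end of the lines in Rob's sample is quoted-printable soft line wrapping, which is produced by mail software rather than typed into a form: the gibberish is a spammer's automated probe to see whether the form relays, which matches Rob's own conclusion.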
Chris Corbyn
http://phpsense.com/php/php-mail.html
http://www.securephpwiki.com/index.php/Email_Injection
(Both identify Swift Mailer as a suitable solution)